DMEA Accredited Trusted Supplier

The DoD has entrusted Chip Scan to assure our nation's most sensitive technologies.

How Chip Scan Benefits Your Program

Chip Scan's assurance applies to both commercial and sensitive custom integrated circuits. Since 2011, all acquisition contracts for unclassified commercial components are subject to FAR Part 12, DFARS 252.239-7306 and 252.239-7018, which requires all items used for intelligence activities, national security cryptography, command and control of military forces, integral to weapons, non-routine critical to the direct fulfillment of military/intelligence missions to be risk mitigated against sabotage, unwanted malicious functions, subversion of a covered system as to surveil, deny, disrupt, degrade function/use/operations of such a system. This includes both government and contractor operated items.

Chip Scan's scope of accreditation from the DMEA allows us to perform design and trusted product evaluations of digital microelectronics.

As a trusted product evaluator, we are accredited to perform vulnerability analysis of digital microelectronics designs. DMEA's Trusted Flow also requires that any reasonable findings must be remediated. Chip Scan is also accredited to perform this function.

As a DMEA-accredited design entity, Chip Scan can design microelectronics for both Trusted and non-sensitive applications.

While other Trusted Suppliers fill many essential roles within the Trusted Flow ecosystem, we operate with authorization from the DMEA to identify, reveal and assist in remedying microelectronics vulnerabilities.

Our ability to both identify and remediate these threats to the supply chain, for instance, in the context of third-party IP, puts us in a unique position among trusted suppliers.

Chip Scan's capabilities fulfill DoD Policy and Requirements for mission-critical systems under DoDI 5200.44 and  FAR Part 12, DFARS 252.239-7306 and 252.239-7018. Especially systems that are HIGH IMPACT (IAW 8510.01) must be assured for supply chain threats and stand to benefit from engaging with Chip Scan.

We "establish an assured Chain of Custody for both unclassified and classified integrated circuits."

Chip Scan's Trusted Flow has been scrutinized and approved for maintaining Chain of Custody from start to finish. While we offer similar assurance for our commercial customers, Chip Scan goes the extra mile to meet DoDI 5200.44. All DoD information systems and weapons systems with a high impact level under IAW 8510.01 or any other critical DoD information system must be provided with assurance consistent with the criticality of the system and with their role within the system. Chip Scan is thus an important and necessary part of the process.

We "ensure reasonable threats related to supply chain are remediated."

While threats to the global supply chain are ever present and all actors within it must maintain best practices and vigilance, certain threats that are carried through from legacy intellectual property (IP), third party IP and insiders are particularly difficult to detect. Chip Scan's capabilities for detection of these supply chain threats are at the heart of reasonable remediation of supply chain threats. We offer rapid analysis and findings where others do not.

We "prevent the intentional and/or unintentional modification or tampering of the integrated circuits."

Our trusted evaluation process perfectly fits this requirement. We provide a report of findings, including any undocumented functionality, trojans, backdoors and other threats along with methods for exercising and examining these threats for the system owner's remediation. At the owner's request, we can also perform remediation.

We "protect the designs from unauthorized attempts to reverse engineer, exposure of functionality or evaluation of possible vulnerabilities."

Chip Scan is presently the only Trusted Supplier that specifically is authorized to discover vulnerabilities for remediation and cyber hardening of a design against attack. We also offer custom microelectronics Anti-Tamper mechanisms that complement the Trusted Flow practices. Thus, Chip Scan is an important and necessary part of the process.

Why does the DMEA Accredited Trusted Flow exist?

The microelectronics supply chain is the heart of our nation's advanced aerospace, defense, and industrial capabilities. Now more than ever, geopolitical vulnerabilities represent challenges to all microelectronics organizations. Digital microelectronics at all lifecycle stages depend on entities distributed worldwide, from legacy parts sustainment to leading-edge fabrication. Any disruption or threat, such as introducing counterfeits, tampering, modifying IP, or inserting hardware trojans, will have catastrophic consequences for aerospace/defense, industrial, consumer, energy services, and transportation.

That's why the Trusted Foundry Program (TFP) was established in 2003 to provide trusted fabrication capabilities to the Department of Defense and why the circle of trust was expanded in 2005 to encompass the broader hardware manufacturing supply chain. DMEA chooses only a select number of suppliers as Trusted Suppliers, and for a good reason: these companies have demonstrated an unwavering commitment to upholding the highest standards of security, and have implemented accredited Trusted Flows that ensure a level of trust commensurate with the assurance required to process our nation's most sensitive microelectronics.

So if you're looking for a Trusted Supplier who can assist in the remediation of reasonable threats to your design while maintaining the Chain of Custody, Chip Scan is here for you. Our rigorous standards and trusted processes guarantee the highest level of assurance for your most critical applications.

Level up your security today

All high impact systems must factor in use of Trusted Suppliers across multiple components, including trusted product evaluation as an element of program protection.  Contact us today to learn more about how Chip Scan might resolve requirements for program protection, systems security engineering, planning and protocols.